The spring is finally here, the first ray of sunshine has appeared. For those of you that celebrate it, Happy Easter! We hope that you had an amazing time with your family and friends during the Easter time.
Today we would like to present to you the newest issue of Hakin9 Magazine. This time you will have a chance to read a few articles dedicated to threat hunting, its methodologies and tools. Samrat Das and Amine Amhoume wrote articles that will show you the theoretical part of threat hunting. For a more hands-on approach, you must read the text written by Biswashree Byomakesh Dash.
For those of you that are not interested in threat hunting, we have prepared other articles. Let's start with Portable Hacking Setup by Robert Fling. In this amazing tutorial you will learn how to use Raspberry Pi to construct your own pentesting device. And if you are looking for more articles about Raspberry Pi, don’t forget to check “Drop boxes on steroids” written by Paul Mellen. He presented this topic in 2013 at Hackerhalted in Atlanta. The article has been updated according to changes in our industry. If you have more interest in Arduino technology, I recommend reading “RubberUno” by Samir Maia Domingues Bastos and Renato Basante Borbolla. The authors present a new attack method that uses social engineering and an Arduino board.
“Python Source Code Portability and Cryptography using AES 128 bit” by our well-known authors Sumanta Kumar Deb, Rohan Dutta, and Ankan Bhowmik is another great topic worthy of your time, especially if you have skills in programming with Python. “OSINT for Hackers”, on the other hand, is focused on rare, not well-known tools. With the help of Jeff Minakata, you will learn how to use them, and what they can do.
We also have two pieces related to cloud security. The first one is written by Varun Malhotra; in his article you will find the most important information about cloud security, its providers, data management, etc. The second one is an interview with the co-founder of GamaSec Company, Avi Bartov, about the cloud, security of SMB, and how DDoS attacks affect our current security systems.
We hope you will enjoy all of it.
We would also like to thank you for all your support. We appreciate it a lot. If you like this publication, you can share it and tell your friends about it! Every comment means a lot to us.
Enjoy your reading,
by Varun Malhotra
We all know the importance of Cloud Computing and the way it has been a disruptive technology that has the potential to enhance collaboration, agility, scaling and availability. Along with all that, it provides opportunities for cost reduction through optimized and efficient computing. With these opportunities, it also brings the sense of responsibility to make sure the security aspect is being taken care of from end to end.
Samir Maia Domingues Bastos and Renato Basante Borbolla
Let's approach a new attack method that uses social engineering and an Arduino. With that, after the Arduino passes as a “rubber ducky”, we will put the Arduino inside a keyboard that does not work anymore, causing the Arduino with changed firmware to pass through a physical keyboard that is imperceptible to the attack.
OSINT for Hackers
For this article, we will be focusing more on the attacker side of OSINT. It is important to understand how your adversary thinks in order to combat him. We will also be looking at some methods you can use to counter these ‘attacks.’ It is important to note that, unlike phishing (a phishing attack or phishing campaign is when a hacker sends out fake emails to users; this is generally a wide number of users, with no one in particular being targeted, and the addresses could be harvested from social media sites, sales records, etc.) or vishing (similar to phishing, but the attack takes place over the phone, often using a spoofed number), OSINT is normally done without direct interaction with the target. I also wanted to note that there is a huge array of tools and methods when it comes to OSINT, enough to fill several books. We will be looking at some of the tools that can be used.
Portable Hacking Setup
The introduction of the Raspberry Pi to the market was pivotal in bringing a low cost, highly flexible computer into the development/experimental sector. One only needs to do a quick search online to find dozens of projects that can be carried out with the Pi. Today, we are going to look at one such project. By utilizing a Raspberry Pi and some additional hardware (some of which you may already have), we will construct a portable hacking setup that is not only easily concealable, if needed, but highly flexible in operation.
Python Source Code Portability and Cryptography using AES 128 bit.
Sumanta Kumar Deb, Rohan Dutta and Ankan Bhowmik
Our objective is to develop a Python-based application that enables portability of Python scripts in a secured manner. We encrypt our Python script using the AES 128-bit encryption standard, so the receiver to whom the encrypted code is sent will receive a scrambled cipher text based on a private key cryptography technique. A dedicated decrypt algorithm will convert it back to the plain script, but it abstracts the main script from the receiver by directly executing the script without giving read-write access to it. This will protect the Python script against piracy and tampering during transmission from source to destination. Thus the user will be able to get the functionality from the script without read-write access to the source code.
The Misconception Of Threat Hunting With Other Security Practices
There is no controversy that cybersecurity attacks have increased in the last six years, and many organizations have confronted many security breaches; spreading malware has caused a lot of damage to companies, too. And regardless of the security prevention system (firewalls, IDS, SIEM) used, the ability to elude those detection systems is still growing, which creates even more challenges for security professionals. It is important to realize that the cybersecurity field is known to be composed of two separate parts, prevention and detection, in order to counter any type of danger.
Biswashree Byomakesh Dash
So let’s discuss what assets we need to perform successful threat hunting activities. Well, all we need are logs from different types of servers such as Anti-Virus server, Proxy, DNS, Firewall, Windows, Linux and also logs from endpoint devices such as Sysmon or EDR logs in our network. Threat hunting becomes more effective if you have devices to capture network traffic and they are placed in the right places in the network (Corporate and DMZ) where you need to have visibility. Network traffic contains a huge amount of valuable information, so it is also an ideal source to hunt for threats.
The Art of Threat hunting: an overview
Nowadays, a new skill set is emerging in the cyber security world called “Threat Hunting”. Threat hunting, in simple words, is the proactive process of searching through networks and identifying and isolating threats that can seemingly bypass state-of-the-art security solutions.
Drop boxes on steroids, part 1, updated for 2018
This article will detail what a drop box is, how to define your own drop box and then how to construct a basic drop box, covering both theory and practical construction of your drop box.
“The question is not any more if a cyber attack will happen but when.”
Interview with Avi Bartov, co-founder of GamaSec Company